packages-e2e-tests.yaml
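# Packages end-to-end workflow: runs on pull requests, except those that only
# touch Markdown files or the docs/ tree.
name: Packages e2e Tests
on:
  pull_request:
    paths-ignore:
      - '**.md'
      - 'docs/**'

# Least privilege for GITHUB_TOKEN. The jobs in this workflow check out the
# repository and hand artifacts to each other within the same run; none of
# them pushes, comments, or publishes, so read-only repository contents is
# enough. Without this key the token falls back to the repository default,
# which may include write scopes for same-repository pull requests.
permissions:
  contents: read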
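# Two jobs: build the standalone tarball per architecture, then install it on
# a runner of that architecture and exercise the service.
#
# Third-party actions are pinned to full commit SHAs; the trailing version
# comment is informational and must be updated together with the SHA.
jobs:
  standalone-tarball-builds:
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        include:
          # amd64: built natively on the runner.
          - os: ubuntu-22.04
            arch: amd64
            match_arch: x86-64
            # Quoted on purpose: a bare yes/no is a boolean under YAML 1.1
            # loaders, while the step conditions below compare against the
            # strings 'yes' and 'no'.
            cross_compile: 'no'
            upload_path: upload/
          # arm64: cross-compiled (TARGET_ARCH) after installing QEMU
          # user-mode emulation.
          - os: ubuntu-22.04
            arch: arm64
            match_arch: arm64
            cross_compile: 'yes'
            upload_path: upload-cross-compile/
    steps:
      # https://github.com/docker/setup-buildx-action
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
      - name: Checkout Source Code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          # The following steps run the pull request's own Makefile. No step
          # in this job pushes, so do not leave the token in the local git
          # config where that code could read it.
          persist-credentials: false
      - name: Getting version tag
        id: tag
        run: echo "tag=$(make version)" >> "$GITHUB_OUTPUT"
      - name: Generate Tetragon Tarball
        if: ${{ matrix.cross_compile == 'no' }}
        id: tetragon-tarball
        env:
          # The tag is produced by `make version` from the checked-out pull
          # request. Pass it through the environment so it reaches the shell
          # as data instead of being pasted into the script text. The matrix
          # values are literals defined in this file and stay as expressions.
          TAG: ${{ steps.tag.outputs.tag }}
        run: |
          make tarball
          mkdir ${{ matrix.upload_path }}
          mv "./build/${{ matrix.arch }}/linux-tarball/tetragon-${TAG}-${{ matrix.arch }}.tar.gz" ./${{ matrix.upload_path }}
      - name: Generate Cross Compiled Tetragon Tarball
        if: ${{ matrix.cross_compile == 'yes' }}
        env:
          # Same reason as in the native build step: step output via env.
          TAG: ${{ steps.tag.outputs.tag }}
        run: |
          sudo apt-get update
          sudo apt-get install -y qemu qemu-user-static binfmt-support
          sudo update-binfmts --display
          make TARGET_ARCH=${{ matrix.arch }} tarball
          mkdir ${{ matrix.upload_path }}
          mv "./build/${{ matrix.arch }}/linux-tarball/tetragon-${TAG}-${{ matrix.arch }}.tar.gz" ./${{ matrix.upload_path }}
      # Cache tarball releases for later
      - name: Save tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}.tar.gz Tarball
        uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0
        with:
          name: tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}
          path: ${{ matrix.upload_path }}
          # The artifact is only needed by the test job of the same run.
          retention-days: 1

  standalone-tarball-tests:
    needs: [standalone-tarball-builds]
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        include:
          - os: ubuntu-22.04
            arch: amd64
            match_arch: x86-64
            cross_compile: 'no'
            upload_path: upload/
          # NOTE(review): this is not a GitHub-hosted runner label. The job
          # installs and runs binaries built from the pull request under
          # sudo, so confirm that these runners are ephemeral and isolated
          # per job.
          - os: actuated-arm64-4cpu-8gb
            arch: arm64
            match_arch: arm64
            cross_compile: 'yes'
            upload_path: upload-cross-compile/
    steps:
      - name: Checkout Source Code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          # Nothing in this job pushes; keep the token out of the workspace
          # that the installed pull-request build can read.
          persist-credentials: false
      - name: Getting version tag
        id: tag
        run: echo "tag=$(make version)" >> "$GITHUB_OUTPUT"
      - name: Retrieve tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}.tar.gz
        uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
        with:
          name: tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}
          path: ${{ matrix.upload_path }}
      - name: Move tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}.tar.gz to build
        run: |
          mkdir -p ./build/${{ matrix.arch }}/
          mv ${{ matrix.upload_path }} ./build/${{ matrix.arch }}/linux-tarball
      # The policy is put in place before installation, and the test step
      # later expects it in the tracing policy list.
      - name: Copy bpf.yaml tracing policy to /etc/tetragon/tetragon.tp.d/
        run: |
          sudo mkdir -p /etc/tetragon/tetragon.tp.d/
          sudo cp examples/tracingpolicy/bpf.yaml /etc/tetragon/tetragon.tp.d/bpf.yaml
      - name: Install Tetragon Tarball
        env:
          # Step output via env so it is not expanded into the script text.
          TAG: ${{ steps.tag.outputs.tag }}
        run: |
          tar zxvf "tetragon-${TAG}-${{ matrix.arch }}.tar.gz"
          sudo "./tetragon-${TAG}-${{ matrix.arch }}/install.sh"
        working-directory: ./build/${{ matrix.arch }}/linux-tarball/
      # Retried because the service may not be active right after install.
      - name: Wait for Tetragon service
        uses: nick-fields/retry@14672906e672a08bd6eeb15720e9ed3ce869cdd4 # v2
        with:
          timeout_seconds: 30
          max_attempts: 5
          retry_wait_seconds: 5
          retry_on: error
          command: |
            # Ensure that default native builds work
            file /usr/local/bin/tetragon | grep ${{ matrix.match_arch }} -
            sudo systemctl is-active tetragon
            sudo tetra status
      - name: Check Tetragon startup logs
        run: sudo journalctl -b -u tetragon --no-pager
      # Besides the functional checks, this step fails the job when the
      # Tetragon socket mode is anything other than 660.
      - name: Test Tetragon
        run: |
          sudo tetra status
          sudo tetra tracingpolicy list | grep bpf -
          sudo tetra bugtool
          test "$(stat -c %a /var/run/tetragon/tetragon.sock)" -eq "660"
          sudo tetra tracingpolicy add examples/tracingpolicy/tcp-connect.yaml
          sudo tetra tracingpolicy list | grep connect -
          sudo grep "tetra" /var/log/tetragon/tetragon.log
      # Restart the service with the policy directory overridden through a
      # drop-in file under /etc/tetragon/tetragon.conf.d/.
      - name: Setup Tetragon with a different tracing-policy-dir
        run: |
          sudo systemctl stop tetragon
          sudo mkdir -p /opt/tetragon.tp.d/
          sudo cp examples/tracingpolicy/bpf.yaml /opt/tetragon.tp.d/bpf.yaml
          echo "/opt/tetragon.tp.d/" | sudo tee /etc/tetragon/tetragon.conf.d/tracing-policy-dir
          sudo systemctl start tetragon
      - name: Test Tetragon with a different tracing-policy-dir
        uses: nick-fields/retry@14672906e672a08bd6eeb15720e9ed3ce869cdd4 # v2
        with:
          timeout_seconds: 30
          max_attempts: 5
          retry_wait_seconds: 5
          retry_on: error
          command: |
            sudo systemctl is-active tetragon
            sudo tetra status
            sudo grep "tetra" /var/log/tetragon/tetragon.log
            sudo tetra tracingpolicy list | grep bpf -
            sudo tetra bugtool
      - name: Uninstall Tetragon Tarball
        env:
          # Step output via env so it is not expanded into the script text.
          TAG: ${{ steps.tag.outputs.tag }}
        run: |
          sudo "./tetragon-${TAG}-${{ matrix.arch }}/uninstall.sh"
        working-directory: ./build/${{ matrix.arch }}/linux-tarball/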